Static task
static1
Behavioral task
behavioral1
Sample
385b35f163cd410e50a4cda6f2d64d2b_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
385b35f163cd410e50a4cda6f2d64d2b_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
385b35f163cd410e50a4cda6f2d64d2b_JaffaCakes118
Size
192KB
MD5
385b35f163cd410e50a4cda6f2d64d2b
SHA1
ad0b310114c730aca691926d2fa84cc46abcf36f
SHA256
b461294c7b1a0f756b161f3034da8eb39f63aab6466736a68c82dc409d827b87
SHA512
064847fd0f4516087f89f27d2794bd3d5bc0ec2ab8af012b7c12959390362d81cb69563257c80918193c9e032a2c72bfd3151d70aaa27260cfa74dca1fb35859
SSDEEP
3072:IP2e/yi+060kP9HSbGeRLCy7Ic4HFEGaqZDh+WQ1cv1Aoy/eXMljpxKcfdGX9kD0:IR/yilZtl98j+LeAoyeXMVXGX920
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 385b35f163cd410e50a4cda6f2d64d2b_JaffaCakes118
Files
385b35f163cd410e50a4cda6f2d64d2b_JaffaCakes118.exe windows:4 windows x86 arch:x86
564cebb98b0540f21f55c6ca8d4da6ef
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapReAlloc
GetACP
GetAtomNameW
GetLocaleInfoA
GetOEMCP
VirtualAlloc
RtlUnwind
TlsSetValue
GetTimeFormatA
GetCPInfo
MultiByteToWideChar
EnumResourceNamesA
TlsGetValue
SetFilePointer
IsValidCodePage
HeapSize
GetDateFormatA
FindResourceA
WriteConsoleA
TlsAlloc
SetStdHandle
GetConsoleOutputCP
RaiseException
occache
FindControlClose
shell32
SHGetDataFromIDListW
SHAppBarMessage
SHGetMalloc
SHGetFileInfoW
SHBrowseForFolderW
ShellExecuteExW
SHGetPathFromIDListW
ShellExecuteW
DragAcceptFiles
SHGetDesktopFolder
SHGetSpecialFolderLocation
Shell_NotifyIconW
Sections
.text Size: 90KB - Virtual size: 225KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 99KB - Virtual size: 98KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ